Friedrich Weber

Current state is: * ``LDAP Proxy LDAP Backend``: LDAPS is supported (see #23), STARTTLS is unsupported * ``AppLDAP Proxy``: Both LDAPS nor STARTTLS are unsupported

I added a note on how to use LDAPS for ``AppLDAP Proxy`` in the [3/serve-ldaps](https://github.com/privacyidea/privacyidea-ldap-proxy/tree/3/serve-ldaps) branch. Apparently, this is possible with just Twisted's server endpoint syntax, but I haven't checked...

@cornelinux do you think we can merge #41? Then, we would have official LDAPS support for ``LDAP Proxy LDAP backend`` *and* ``App LDAP Proxy``, so I would close this ticket...

I introduced case-insensitive matching at two places (see above), but we'll have to check that we have not missed any places in the future.

Passthrough binds need to be matched case-insensitively.

Until the policy redesign, it might be possible to mitigate this by allowing quoted action values, e.g. ``` push_title_on_mobile="This is a privacyIdea Authentication Request, would you authenticate?" ``` For parsing,...

Right, we should definitely handle this case better. Similarly, if the syntax of the ``host`` value is correct, but the given server is unavailable, we only notice when we issue...

As of d0624f69, we can now specify a connection establishment timeout in the config file. By round robin, do you mean the possibility of specifying LDAP backend servers and connecting...

I did some research and did not find anything that we could use -- but we could always build a simple server pool ourselves. I've opened #11 for that.

7f017ade adds the feature of testing the connection to the LDAP backend on startup -- it just performs an anonymous bind followed by an unbind. Right now, it just prints...